Mercurial > hgrepos > Python2 > PyMuPDF
comparison mupdf-source/thirdparty/curl/projects/wolfssl_options.h @ 2:b50eed0cc0ef upstream
ADD: MuPDF v1.26.7: the MuPDF source as downloaded by a default build of PyMuPDF 1.26.4.
The directory name has changed: no version number in the expanded directory now.
| author | Franz Glasner <fzglas.hg@dom66.de> |
|---|---|
| date | Mon, 15 Sep 2025 11:43:07 +0200 |
| parents | |
| children |
comparison
equal
deleted
inserted
replaced
| 1:1d09e1dec1d9 | 2:b50eed0cc0ef |
|---|---|
| 1 /* | |
| 2 By default wolfSSL has a very conservative configuration that can result in | |
| 3 connections to servers failing due to certificate or algorithm problems. | |
| 4 To remedy this issue for libcurl I've generated this options file that | |
| 5 build-wolfssl will copy to the wolfSSL include directories and will result in | |
| 6 maximum compatibility. | |
| 7 | |
| 8 These are the configure options that were used to build wolfSSL v3.11.0 in | |
| 9 mingw and generate the options in this file: | |
| 10 | |
| 11 C_EXTRA_FLAGS="\ | |
| 12 -Wno-attributes \ | |
| 13 -Wno-unused-but-set-variable \ | |
| 14 -DFP_MAX_BITS=16384 \ | |
| 15 -DTFM_TIMING_RESISTANT \ | |
| 16 -DWOLFSSL_STATIC_DH \ | |
| 17 -DWOLFSSL_STATIC_RSA \ | |
| 18 " \ | |
| 19 ./configure --prefix=/usr/local \ | |
| 20 --disable-jobserver \ | |
| 21 --enable-aesgcm \ | |
| 22 --enable-alpn \ | |
| 23 --enable-certgen \ | |
| 24 --enable-des3 \ | |
| 25 --enable-dh \ | |
| 26 --enable-dsa \ | |
| 27 --enable-ecc \ | |
| 28 --enable-eccshamir \ | |
| 29 --enable-fastmath \ | |
| 30 --enable-opensslextra \ | |
| 31 --enable-ripemd \ | |
| 32 --enable-sessioncerts \ | |
| 33 --enable-sha512 \ | |
| 34 --enable-sni \ | |
| 35 --enable-sslv3 \ | |
| 36 --enable-supportedcurves \ | |
| 37 --enable-testcert \ | |
| 38 > config.out 2>&1 | |
| 39 | |
| 40 Two generated options HAVE_THREAD_LS and _POSIX_THREADS were removed since they | |
| 41 are inapplicable for our Visual Studio build. Currently thread local storage is | |
| 42 only used by the Fixed Point cache ECC which we're not enabling. However even | |
| 43 if we later may decide to enable the cache it will fallback on mutexes when | |
| 44 thread local storage is not available. wolfSSL is using __declspec(thread) to | |
| 45 create the thread local storage and that could be a problem for LoadLibrary. | |
| 46 | |
| 47 Regarding the options that were added via C_EXTRA_FLAGS: | |
| 48 | |
| 49 FP_MAX_BITS=16384 | |
| 50 https://www.yassl.com/forums/topic423-cacertorgs-ca-cert-verify-failed-but-withdisablefastmath-it-works.html | |
| 51 "Since root.crt uses a 4096-bit RSA key, you'll need to increase the fastmath | |
| 52 buffer size. You can do this using the define: | |
| 53 FP_MAX_BITS and setting it to 8192." | |
| 54 | |
| 55 TFM_TIMING_RESISTANT | |
| 56 https://wolfssl.com/wolfSSL/Docs-wolfssl-manual-2-building-wolfssl.html | |
| 57 From section 2.4.5 Increasing Performance, USE_FAST_MATH: | |
| 58 "Because the stack memory usage can be larger when using fastmath, we recommend | |
| 59 defining TFM_TIMING_RESISTANT as well when using this option." | |
| 60 | |
| 61 WOLFSSL_STATIC_DH: Allow TLS_ECDH_ ciphers | |
| 62 WOLFSSL_STATIC_RSA: Allow TLS_RSA_ ciphers | |
| 63 https://github.com/wolfSSL/wolfssl/blob/v3.6.6/README.md#note-1 | |
| 64 Static key cipher suites are deprecated and disabled by default since v3.6.6. | |
| 65 */ | |
| 66 | |
| 67 /* wolfssl options.h | |
| 68 * generated from configure options | |
| 69 * | |
| 70 * Copyright (C) 2006-2015 wolfSSL Inc. | |
| 71 * | |
| 72 * This file is part of wolfSSL. (formerly known as CyaSSL) | |
| 73 * | |
| 74 */ | |
| 75 | |
| 76 #ifndef WOLFSSL_OPTIONS_H | |
| 77 #define WOLFSSL_OPTIONS_H | |
| 78 | |
| 79 | |
| 80 #ifdef __cplusplus | |
| 81 extern "C" { | |
| 82 #endif | |
| 83 | |
| 84 #undef FP_MAX_BITS | |
| 85 #define FP_MAX_BITS 16384 | |
| 86 | |
| 87 #undef TFM_TIMING_RESISTANT | |
| 88 #define TFM_TIMING_RESISTANT | |
| 89 | |
| 90 #undef WOLFSSL_STATIC_DH | |
| 91 #define WOLFSSL_STATIC_DH | |
| 92 | |
| 93 #undef WOLFSSL_STATIC_RSA | |
| 94 #define WOLFSSL_STATIC_RSA | |
| 95 | |
| 96 #undef OPENSSL_EXTRA | |
| 97 #define OPENSSL_EXTRA | |
| 98 | |
| 99 /* | |
| 100 The commented out defines below are the equivalent of --enable-tls13. | |
| 101 Uncomment them to build wolfSSL with TLS 1.3 support as of v3.11.1-tls13-beta. | |
| 102 This is for experimenting only, afaict TLS 1.3 support doesn't appear to be | |
| 103 functioning correctly yet. https://github.com/wolfSSL/wolfssl/pull/943 | |
| 104 | |
| 105 #undef WC_RSA_PSS | |
| 106 #define WC_RSA_PSS | |
| 107 | |
| 108 #undef WOLFSSL_TLS13 | |
| 109 #define WOLFSSL_TLS13 | |
| 110 | |
| 111 #undef HAVE_TLS_EXTENSIONS | |
| 112 #define HAVE_TLS_EXTENSIONS | |
| 113 | |
| 114 #undef HAVE_FFDHE_2048 | |
| 115 #define HAVE_FFDHE_2048 | |
| 116 | |
| 117 #undef HAVE_HKDF | |
| 118 #define HAVE_HKDF | |
| 119 */ | |
| 120 | |
| 121 #undef TFM_TIMING_RESISTANT | |
| 122 #define TFM_TIMING_RESISTANT | |
| 123 | |
| 124 #undef ECC_TIMING_RESISTANT | |
| 125 #define ECC_TIMING_RESISTANT | |
| 126 | |
| 127 #undef WC_RSA_BLINDING | |
| 128 #define WC_RSA_BLINDING | |
| 129 | |
| 130 #undef HAVE_AESGCM | |
| 131 #define HAVE_AESGCM | |
| 132 | |
| 133 #undef WOLFSSL_RIPEMD | |
| 134 #define WOLFSSL_RIPEMD | |
| 135 | |
| 136 #undef WOLFSSL_SHA512 | |
| 137 #define WOLFSSL_SHA512 | |
| 138 | |
| 139 #undef WOLFSSL_SHA384 | |
| 140 #define WOLFSSL_SHA384 | |
| 141 | |
| 142 #undef SESSION_CERTS | |
| 143 #define SESSION_CERTS | |
| 144 | |
| 145 #undef WOLFSSL_CERT_GEN | |
| 146 #define WOLFSSL_CERT_GEN | |
| 147 | |
| 148 #undef HAVE_ECC | |
| 149 #define HAVE_ECC | |
| 150 | |
| 151 #undef TFM_ECC256 | |
| 152 #define TFM_ECC256 | |
| 153 | |
| 154 #undef ECC_SHAMIR | |
| 155 #define ECC_SHAMIR | |
| 156 | |
| 157 #undef WOLFSSL_ALLOW_SSLV3 | |
| 158 #define WOLFSSL_ALLOW_SSLV3 | |
| 159 | |
| 160 #undef NO_RC4 | |
| 161 #define NO_RC4 | |
| 162 | |
| 163 #undef NO_HC128 | |
| 164 #define NO_HC128 | |
| 165 | |
| 166 #undef NO_RABBIT | |
| 167 #define NO_RABBIT | |
| 168 | |
| 169 #undef HAVE_POLY1305 | |
| 170 #define HAVE_POLY1305 | |
| 171 | |
| 172 #undef HAVE_ONE_TIME_AUTH | |
| 173 #define HAVE_ONE_TIME_AUTH | |
| 174 | |
| 175 #undef HAVE_CHACHA | |
| 176 #define HAVE_CHACHA | |
| 177 | |
| 178 #undef HAVE_HASHDRBG | |
| 179 #define HAVE_HASHDRBG | |
| 180 | |
| 181 #undef HAVE_TLS_EXTENSIONS | |
| 182 #define HAVE_TLS_EXTENSIONS | |
| 183 | |
| 184 #undef HAVE_SNI | |
| 185 #define HAVE_SNI | |
| 186 | |
| 187 #undef HAVE_TLS_EXTENSIONS | |
| 188 #define HAVE_TLS_EXTENSIONS | |
| 189 | |
| 190 #undef HAVE_ALPN | |
| 191 #define HAVE_ALPN | |
| 192 | |
| 193 #undef HAVE_TLS_EXTENSIONS | |
| 194 #define HAVE_TLS_EXTENSIONS | |
| 195 | |
| 196 #undef HAVE_SUPPORTED_CURVES | |
| 197 #define HAVE_SUPPORTED_CURVES | |
| 198 | |
| 199 #undef HAVE_EXTENDED_MASTER | |
| 200 #define HAVE_EXTENDED_MASTER | |
| 201 | |
| 202 #undef WOLFSSL_TEST_CERT | |
| 203 #define WOLFSSL_TEST_CERT | |
| 204 | |
| 205 #undef NO_PSK | |
| 206 #define NO_PSK | |
| 207 | |
| 208 #undef NO_MD4 | |
| 209 #define NO_MD4 | |
| 210 | |
| 211 #undef USE_FAST_MATH | |
| 212 #define USE_FAST_MATH | |
| 213 | |
| 214 #undef WC_NO_ASYNC_THREADING | |
| 215 #define WC_NO_ASYNC_THREADING | |
| 216 | |
| 217 | |
| 218 #ifdef __cplusplus | |
| 219 } | |
| 220 #endif | |
| 221 | |
| 222 | |
| 223 #endif /* WOLFSSL_OPTIONS_H */ |